From: Kevin Wolf <kwolf@redhat.com>
To: qemu-devel@nongnu.org
Cc: kwolf@redhat.com, stefanha@redhat.com
Subject: [Qemu-devel] [PATCH 00/20] block: Handle failure for potentially large allocations
Date: Wed, 21 May 2014 18:27:58 +0200
Message-ID: <1400689698-3096-1-git-send-email-kwolf@redhat.com>

A not too small part of the recent CVEs were DoS scenarios by letting
qemu abort with too large memory allocations. We generally "fixed" these
cases by setting some limits on values read from image files that
influence the size of allocations.

Because we still need to allow reading large images, this works only to
a certain degree and we still can get fairly large allocations, which
are not unthinkable to fail on some machines.

This series converts potentially large allocations to g_try_malloc() and
friends and handles failure gracefully e.g. by returning -ENOMEM. This
may cause hot-plug of a new disk or individual requests to fail, but the
VM as a whole can keep running.

Kevin Wolf (20):
  block: Introduce qemu_try_blockalign()
  block: Handle failure for potentially large allocations
  bochs: Handle failure for potentially large allocations
  cloop: Handle failure for potentially large allocations
  curl: Handle failure for potentially large allocations
  dmg: Handle failure for potentially large allocations
  iscsi: Handle failure for potentially large allocations
  nfs: Handle failure for potentially large allocations
  parallels: Handle failure for potentially large allocations
  qcow1: Handle failure for potentially large allocations
  qcow2: Handle failure for potentially large allocations
  qed: Handle failure for potentially large allocations
  raw-posix: Handle failure for potentially large allocations
  raw-win32: Handle failure for potentially large allocations
  rbd: Handle failure for potentially large allocations
  vdi: Handle failure for potentially large allocations
  vhdx: Handle failure for potentially large allocations
  vmdk: Handle failure for potentially large allocations
  vpc: Handle failure for potentially large allocations
  mirror: Handle failure for potentially large allocations

 block.c                | 33 +++++++++++++++++++++++++++------
 block/bochs.c          |  6 +++++-
 block/cloop.c          | 23 ++++++++++++++++++++---
 block/curl.c           |  8 +++++++-
 block/dmg.c            | 11 +++++++++--
 block/iscsi.c          | 16 +++++++++++++---
 block/mirror.c         |  7 ++++++-
 block/nfs.c            |  6 +++++-
 block/parallels.c      |  6 +++++-
 block/qcow.c           | 29 ++++++++++++++++++++++++-----
 block/qcow2-cache.c    | 12 +++++++++++-
 block/qcow2-cluster.c  | 28 +++++++++++++++++++++++-----
 block/qcow2-refcount.c | 46 ++++++++++++++++++++++++++++++++++++----------
 block/qcow2-snapshot.c | 18 +++++++++++++++---
 block/qcow2.c          | 37 +++++++++++++++++++++++++++++++------
 block/qed-check.c      |  7 +++++--
 block/qed.c            |  6 +++++-
 block/raw-posix.c      |  6 +++++-
 block/rbd.c            |  5 ++++-
 block/vdi.c            | 20 +++++++++++++++++---
 block/vhdx-log.c       |  6 +++++-
 block/vhdx.c           | 12 ++++++++++--
 block/vmdk.c           | 12 ++++++++++--
 block/vpc.c            |  6 +++++-
 block/win32-aio.c      |  6 +++++-
 include/block/block.h  |  1 +
 include/qemu/osdep.h   |  1 +
 util/oslib-posix.c     | 16 ++++++++++------
 util/oslib-win32.c     |  9 +++++++--
 29 files changed, 327 insertions(+), 72 deletions(-)
--
1.8.3.1
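
The pattern the cover letter describes, as an added example that is not code from the series: a limit on a count read from the image, followed by an allocation that is allowed to fail and is reported as -ENOMEM instead of aborting. `open_table`, `try_alloc`, `MAX_TABLE_ENTRIES`, the header layout and the simulated memory budget are all hypothetical; `try_alloc` stands in for g_try_malloc().

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed limit on an entry count read from the image (hypothetical value). */
#define MAX_TABLE_ENTRIES (32u * 1024 * 1024)

/* Simulated memory budget so the failure path is deterministic here;
 * a real block driver would call g_try_malloc() instead. */
static size_t mem_budget = 64u * 1024 * 1024;

static void *try_alloc(size_t n)
{
    return n > mem_budget ? NULL : malloc(n);
}

/* Read a big-endian 32-bit entry count from a constructed header. */
static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | p[3];
}

/* Hypothetical open routine: returns 0 or a negative errno, never aborts. */
int open_table(const uint8_t *hdr, size_t hdr_len, uint64_t **table_out)
{
    uint32_t entries;
    uint64_t *table;

    *table_out = NULL;
    if (hdr_len < 4) {
        return -EINVAL;
    }
    entries = be32(hdr);
    if (entries == 0 || entries > MAX_TABLE_ENTRIES) {
        return -EFBIG;   /* limit on the image-supplied value */
    }
    /* entries <= 32M, so entries * 8 <= 256 MiB and cannot overflow size_t */
    table = try_alloc((size_t)entries * sizeof(*table));
    if (table == NULL) {
        return -ENOMEM;  /* inside the limit, but too large for this machine */
    }
    memset(table, 0, (size_t)entries * sizeof(*table));
    *table_out = table;
    return 0;
}
```

The second failure case is the one the limits alone do not cover: a count that passes validation can still ask for more memory than the host can provide.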